the only time i have seen anyone install the cert on an xp machine they install the cert in every store. I think this is a great opportunity for you to lab it up and let us all ride your coat-tails ;)
Timur Snoke Date: Tue, 23 Jun 2009 20:20:37 +0100 From: [email protected] To: [email protected] Subject: [OSL | CCIE_Security] LAB5A NAC L3 IP I have eventually got my head around NAC L3 IP but I cant seem to get the URL Redirect to work. Show eou output looks fine and I have enabled the aaa authorisation for auth proxy as well as the http server with aaa authentication, but no joy. Am i missing something? R5#sh eou ip 10.1.1.101 Address : 10.1.1.101 MAC Address : 000c.2990.5a48 Interface : FastEthernet0/1 AuthType : EAP Audit Session ID : 0000015E016D4F3C000000550A010165 PostureToken : Quarantine Age(min) : 45 URL Redirect : http://8.8.8.8 URL Redirect ACL : NO URL REDIRECT ACL ACL Name : xACSACLx-IP-NAC_SAMPLE_QUARANTINE_ACL-4a40ec7c Tag Name : NO TAG NAME User Name : XP:Administrator Revalidation Period : 3600 Seconds Status Query Period : 30 Seconds Current State : AUTHENTICATED Ive got to say the documentation for NAC is sub-par, even though there are a few more docs now for it. The certificate on the XP machine and installing the cert chain could potentially be an issue in the lab, especially knowing which cert stores to install the chain in. Is there a doc for this? Cheers Stu -- Stuart Hare [email protected] _________________________________________________________________ Microsoft brings you a new way to search the web. Try Bing™ now http://www.bing.com?form=MFEHPG&publ=WLHMTAG&crea=TEXT_MFEHPG_Core_tagline_try_bing_1x1
